Password Protection for pages and sites

ASP.Net provides a rich set of features for adding security to pages on a site or the whole site itself. These include 'Creating Users', 'Changing Passwords', 'Password Reminders' etc. It's relatively easy to implement and gives a high level of security but has one big downside, it uses a SQL Server Express database to store the membership data.

Unfortunately SQL Server Express isn't supported by many web hosts and whilst you can easily configure it to use SQL Server itself, the cost of this may be prohibitive for small sites.

Lets look at some simple alternatives. They may not offer the same level of security but for a lot of sites this isn't a problem. These examples all use ASP.Net and VB. For similar examples using Classic ASP, see www.fp-resource.co.uk

 

Single page, single password protection

This protects a single page and has a fixed password. There are two versions.

The password in both cases is 'mypassword'

Example 1: Users need to log in every time they visit the page, even in the same site visit.  Demo   Code

Example 2: Users only need to log in once per site visit.  Demo   Code

The examples are linked so you can see the difference.

 

Multiple pages, single password protection

We can easily take this concept further to protect multiple pages on a site. This time we need a Log-in page.

Example 3: Protecting multiple pages.  Demo   Zip file of the four pages. Unzip these to an EW web and explore how they work.

 

To follow shortly ....

The next step, holding separate usernames and passwords on a simple Access database.